Black Hat 2020: See you in the Cloud!

It hardly feels like summer without the annual trip to Las Vegas for Black Hat USA. With this year’s event being totally cloud based, we won’t have the chance to catch up with security researchers, industry partners, and customers in person, an opportunity we look forward to every year. We’ll sti...

Black Hat 2020: See you in the Cloud!

It hardly feels like summer without the annual trip to Las Vegas for Black Hat USA. With this year’s event being totally cloud based, we won’t have the chance to catch up with security researchers, industry partners, and customers in person, an opportunity we look forward to every year. We’ll sti...

Obscured by Clouds: Insights into Office 365 Attacks and How Mandiant Managed Defense Investigates

With Business Email Compromises BECs showing no signs of slowing down, it is becoming increasingly important for security analysts to understand Office 365 O365 breaches and how to properly investigate them. This blog post is for those who have yet to dip their toes into the waters of an O365 BEC...

Critical Bugs in Utilities VPNs Could Cause Physical Damage

Remote code-execution vulnerabilities in virtual private network VPN products could impact the physical functioning of critical infrastructure in the oil and gas, water and electric utilities space, according to researchers. Researchers at Claroty found that VPNs used to provide remote access to...

IBM Verify Gateway (IVG) Sensitive Information Plaintext Transfer Disclosure Vulnerability

IBM Verify Gateway IVG is a cloud-based authentication solution from IBM in the United States. IBM Verify Gateway IVG suffers from a Sensitive Information Exposure by Plaintext Transfer vulnerability. The vulnerability stems from the program allowing the transmission of sensitive information in...

IBM Verify Gateway (IVG) Sensitive Information Plaintext Storage Vulnerability

IBM Verify Gateway IVG is a cloud-based authentication solution from IBM in the United States. A security vulnerability exists in IBM Verify Gateway IVG versions 1.0.0 and 1.0.1, which stems from a program that allows sensitive information to be transmitted in clear text. An attacker could exploi...

IBM Verify Gateway (IVG) User Credentials Plaintext Storage Vulnerability

IBM Verify Gateway IVG is a cloud-based authentication solution from IBM in the United States. A user credentials plaintext storage vulnerability exists in IBM Verify Gateway IVG. A local attacker could exploit this vulnerability to read user credentials...

IBM Verify Gateway (IVG) Hardcoded Credentials Vulnerability

IBM Verify Gateway IVG is a cloud-based authentication solution from IBM in the United States. A hard-coded credentials vulnerability exists in IBM Verify Gateway IVG. An attacker could exploit the vulnerability to obtain credentials such as passwords or encryption keys...

IBM Verify Gateway (IVG) Account Lockout Improperly Set Vulnerability

IBM Verify Gateway IVG is a cloud-based authentication solution from IBM in the United States. An improperly set account lockout vulnerability exists in IBM Verify Gateway IVG. A remote attacker could exploit the vulnerability to brute-force break account credentials...

IBM Verify Gateway (IVG) Denial of Service Vulnerability

IBM Verify Gateway IVG is a cloud-based authentication solution from IBM in the United States. A denial of service vulnerability exists in IBM Verify Gateway IVG. An attacker could exploit this vulnerability to cause a denial of service with a malformed request...

Building Security into Cloud Native Apps with NGINX

Industries from hospitality to taxis/transportation and food delivery are being disrupted by new age companies like Airbnb, Uber and DoorDash that have a cloud-based software infrastructure as one of their main enablers. Why do all these new companies use cloud and what advantage does it give the...

ConnectWise Automate SQL Injection Vulnerability

ConnectWise Automate is a cloud-based, local IT automation solution from ConnectWise USA. The product supports content management, file sharing, IT asset tracking and management, and more. A SQL injection vulnerability exists in Connectwise Automate versions prior to 2020.7 and prior to 2019.12...

Time for a Haircut

Like many people around the world, my hair has grown profusely in the past few months and bears little resemblance to the photo in my profile. Without the required care and attention, my hair is getting dangerously close to the bad hairstyles I adopted in the 1980s. I could of course attempt to f...

Feeling fatigued? Cloud-based SIEM relieves security team burnout

Most CISOs and CSOs are worried that a growing volume of alerts is causing burnout among their teams, according to new research from IDG. You can learn about additional challenges to security operations teams by reading the IDG report SIEM Shift: How the Cloud is Transforming Security Operations...

Inside Microsoft Threat Protection: Mapping attack chains from cloud to endpoint

The increasing pervasiveness of cloud services in today’s work environments, accelerated by a crisis that forced companies around the globe to shift to remote work, is significantly changing how defenders must monitor and protect organizations. Corporate data is spread across multiple...

Moving to cloud-based SIEM: the cost advantage

Companies weigh multiple factors in any technology implementation, balancing risks with business needs and IT capabilities. And while the same is true with cloud-based security information and event management SIEM solutions, cost overwhelmingly shapes the discussion as well. For example, accordi...

Secure Your Global Remote Workforce

Update June 9, 2020: Qualys adds Malware Detection to Free 60-Day Remote Endpoint Protection offering. This post has been updated to reflect this new Malware Detection capability. IT organizations around the world are responding to the challenge posed by COVID-19 by ensuring that employees are ab...

Any Indian DigiLocker Account Could've Been Accessed Without Password

The Indian Government said it has addressed a critical vulnerability in its secure document wallet service Digilocker that could have potentially let a remote attacker bypass mobile one-time passwords OTP and sign in as other users. Discovered separately by two independent bug bounty researchers,...

Hybrid DDoS Protection is Like a Faulty Airbag

We know that some businesses are the target of constant DDoS attacks, while others face attacks less frequently. If your company falls on the side of less-frequent attacks or having never been attacked at all, you might be wondering, “does the threat still exist?” And “does it exist to the level ...

Microsoft ASP.NET Core Input Validation Error Vulnerability

Microsoft Visual Studio and Microsoft ASP.NET Core are both products of Microsoft Corporation, USA. Microsoft Visual Studio is a family of development tool suites and a largely complete development toolset that includes most of the tools needed throughout the software lifecycle. Microsoft ASP.NET...